[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Torbirdy - IMAP issue



It doesn't have anything to do with TorBirdy. All you really have to do,
is to have Encryption on by default in Enigmail.

Your drafts are now going to be encrypted. Problem solved!

Bests,
-- 
Nima
0XC009DB191C92A77B | mrphs - https://anarchy.io

"I disapprove of what you say, but I will defend to the death your right
to say it" --Evelyn Beatrice Hall

arkmd:
> Accessing an email server via IMAP may leak data by saving a draft on
> the remote server.
> 
> 
> Using Thunderbird+Enigmail+Torbirdy.
> 
> While writing a message on Thunderbird, it is automatically saved as a
> draft, which by default is sent to the IMAP server. So the server will
> be able to read that message.
> 
> That's a big problem when the message should be encrypted before sent.
> So the email provider will be able to read sensitive data on those
> drafts in cleartext and the user probably won't notice.
> 
> 
> To solve this the user need to manually set the account drafts
> settings (in Copies & Folders) to keep drafts on Local Folders.
> 
> I think Torbirdy should do it by default.
> 
> This info should be added to known issues on Torbirdy wiki.
> 
> 
> I know Torbirdy developers recommend POP over IMAP, but as a
> mailtor.net user I don't have any other option.
> 


Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev